Braindump2go Free Exam Dumps with PDF and VCE Collection
https://www.mcitpdump.com/june-2021full-version-az-500-exam-dumps-pdf-az-500-278q-for-free-downloadq269-q278.html
Export date: Thu Nov 21 13:43:44 2024 / +0000 GMT

[June-2021]Full Version AZ-500 Exam Dumps PDF AZ-500 278Q for Free Download[Q269-Q278]


June/2021 Latest Braindump2go AZ-500 Exam Dumps with PDF and VCE Free Updated Today! Following are some new AZ-500 Real Exam Questions!

QUESTION 269
You are troubleshooting a security issue for an Azure Storage account.
You enable the diagnostic logs for the storage account.
What should you use to retrieve the diagnostics logs?

A. Azure Security Center
B. Azure Monitor
C. the Security admin center
D. Azure Storage Explorer

Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-portal 1

QUESTION 270
You have an Azure subscription that contains the resources shown in the following table.

You plan to enable Azure Defender for the subscription.
Which resources can be protected by using Azure Defender?

A. VM1, VNET1, storage1, and Vault1
B. VM1, VNET1, and storage1 only
C. VM1, storage1, and Vault1 only
D. VM1 and VNET1 only
E. VM1 and storage1 only

Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/security-center/azure-defender 2

QUESTION 271
You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group (NSG) named NSG1. ServerAdmins can access the virtual machines by using RDP.
You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access.
What should you configure?

A. an Azure policy assigned to RG1
B. a just in time (JIT) VM access policy in Azure Security Center
C. an Azure Active Directory (Azure AD) Privileged Identity Management (PIM) role assignment
D. an Azure Bastion host on VNET1

Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/security-center/just-in-time-explained 3

QUESTION 272
You have a web app named WebApp1.
You create a web application firewall (WAF) policy named WAF1.
You need to protect WebApp1 by using WAF1.
What should you do first?

A. Deploy an Azure Front Door.
B. Add an extension to WebApp1.
C. Deploy Azure Firewall.

Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-door 4

QUESTION 273
You have an Azure subscription that contains an Azure SQL database named sql1.
You plan to audit sql1.
You need to configure the audit log destination. The solution must meet the following requirements:
- Support querying events by using the Kusto query language.
- Minimize administrative effort.
What should you configure?

A. an event hub
B. a storage account
C. a Log Analytics workspace

Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-log-analytics-wizard 5

QUESTION 274
Hotspot Question
You have a management group named Group1 that contains an Azure subscription named sub1. Sub1 has a subscription ID of 11111111-1234-1234-1234-1111111111.
You need to create a custom Azure role-based access control (RBAC) role that will delegate permissions to manage the tags on all the objects in Group1.
What should you include in the role definition of Role1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
Note: Assigning a custom RBAC role as the Management Group level is currently in preview only. So, for now the answer to the assignable scope is the subscription level.
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations 6
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles 7
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal#step-5-assignable-scopes 8

QUESTION 275
Hotspot Question
You have an Azure subscription that contains the custom roles shown in the following table.

In the Azure portal, you plan to create new custom roles by cloning existing roles. The new roles will be configured as shown in the following table.

Which roles can you clone to create each new role? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/roles/custom-create 9
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal 10

QUESTION 276
Drag and Drop Question
You have an Azure subscription that contains the following resources:
- A network virtual appliance (NVA) that runs non-Microsoft firewall software and routes all outbound traffic from the virtual machines to the internet
- An Azure function that contains a script to manage the firewall rules of the NVA
- Azure Security Center standard tier enabled for all virtual machines
- An Azure Sentinel workspace
- 30 virtual machines
You need to ensure that when a high-priority alert is generated in Security Center for a virtual machine, an incident is created in Azure Sentinel and then a script is initiated to configure a firewall rule for the NVA.
How should you configure Azure Sentinel to meet the requirements? To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:
https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts 11
https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center 12

QUESTION 277
Hotspot Question
You have an Azure subscription named Subscription1 that contains the resources shown in the following table.

You have an Azure subscription named Subscription2 that contains the following resources:
- An Azure Sentinel workspace
- An Azure Event Grid instance
You need to ingest the CEF messages from the NVAs to Azure Sentinel.
What should you configure for each subscription? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

QUESTION 278
SIMULATION
You need to ensure that the rg1lod10598168n1 Azure Storage account is encrypted by using a key stored in the KeyVault10598168 Azure key vault.
To complete this task, sign in to the Azure portal.
Answer: See the explanation below.
Explanation::
Step 1: To enable customer-managed keys in the Azure portal, follow these steps:
1. Navigate to your storage account rg1lod10598168n1
2. On the Settings blade for the storage account, click Encryption. Select the Use your own key option, as shown in the following figure.

Step 2: Specify a key from a key vault
To specify a key from a key vault, first make sure that you have a key vault that contains a key. To specify a key from a key vault, follow these steps:
4. Choose the Select from Key Vault option.
5. Choose the key vault KeyVault10598168 containing the key you want to use.
6. Choose the key from the key vault.

Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-encryption-keys-portal 13


Resources From:

1.2021 Latest Braindump2go AZ-500 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/az-500.html

2.2021 Latest Braindump2go AZ-500 PDF and AZ-500 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1sQAsVdJ79oBKFiswxjUzGT6Gt6a6PYWl?usp=sharing

3.2021 Free Braindump2go AZ-500 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/AZ-500-PDF-Dumps(269-278).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!

Links:
  1. https://docs.microsoft.com/en-us/azure/storage/blo bs/monitor-blob-storage?tabs=azure-portal
  2. https://docs.microsoft.com/en-us/azure/security-ce nter/azure-defender
  3. https://docs.microsoft.com/en-us/azure/security-ce nter/just-in-time-explained
  4. https://docs.microsoft.com/en-us/azure/frontdoor/q uickstart-create-front-door
  5. https://docs.microsoft.com/en-us/azure/active-dire ctory/reports-monitoring/tutorial-log-analytics-wi zard
  6. https://docs.microsoft.com/en-us/azure/role-based- access-control/resource-provider-operations
  7. https://docs.microsoft.com/en-us/azure/role-based- access-control/custom-roles
  8. https://docs.microsoft.com/en-us/azure/role-based- access-control/custom-roles-portal#step-5-assignab le-scopes
  9. https://docs.microsoft.com/en-us/azure/active-dire ctory/roles/custom-create
  10. https://docs.microsoft.com/en-us/azure/role-based- access-control/custom-roles-portal
  11. https://docs.microsoft.com/en-us/azure/sentinel/cr eate-incidents-from-alerts
  12. https://docs.microsoft.com/en-us/azure/sentinel/co nnect-azure-security-center
  13. https://docs.microsoft.com/en-us/azure/storage/com mon/storage-encryption-keys-portal
Post date: 2021-06-28 09:35:39
Post date GMT: 2021-06-28 09:35:39

Post modified date: 2021-06-28 09:35:39
Post modified date GMT: 2021-06-28 09:35:39

Export date: Thu Nov 21 13:43:44 2024 / +0000 GMT
This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ]
Export of Post and Page has been powered by [ Universal Post Manager ] plugin from www.ProfProjects.com